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Abstract — Smart Card technology is the emerging technology which is developing among 
common masses in our culture and widely used in the sectors of banking and industries. 
Many research works are undergoing in this area to provide highly confidential data 
transmission. Existing Scheme provides a security against offline attack for the lost Smart 
Card using Elliptic Curve Cryptography (ECC) but it requires more communication and 
computation overhead with higher key length. To overcome this limitation, DNA based 
Password authentication using Hyper Elliptic Curve Cryptography (HECC) scheme is 
proposed. It provides more security than existing system which allows server and smartcard 
to exchange the generated password and verify each other. This system exploits the 
advantages of Hyperelliptic Curve Cryptography (HECC) technique which is having lesser 
key size, less communication and computation overhead for Password generation and 
signature verification process. 

Index Terms — Smartcard, Hyper Elliptic Curve Cryptography, Deoxyribo Nucleic Acid, 
Communication complexity Computational complexity, Password generation, 
Authentication, Elliptic Curve Cryptography. 

I. Introduction 

Smart cards are widely used in many business systems which provide portable benefits and secure data 
storage, and it also incorporated in many computing systems. Smart cards are provided with memory card 
which can enable to store and secure the information using available cryptographic algorithm. Deoxyribo 
Nucleic Acid (DNA) based computing technology combined with cryptographic algorithm will provide 
secure authentication for smartcard. DNA is a long linear polymer found in the core part of a cell. DNA is 
made up of several nucleotides in the form of double helix and it is linked with the transmission of genetic 
information. DNA based computing technique mainly focuses on storage capacity and its unique property. 
Hyperelliptic Curve Cryptosystem (HECC) is used in many power constrained devices which offer equal 
security as any other public key cryptosystem with much smaller key length. This cryptographic system 
allows highly efficient computation of the underlying field arithmetic. Hyperelliptic Curve Cryptosystem is 
very much popular among other cryptosystems such as Elliptic Curve Cryptosystem (ECC), Rivest Shamir 
Adleman (RSA), Digital Encryption Standard (DES), etc., due to its shorter key length [1-5]. This section 
gives the introduction about smart card, DNA and Hyperelliptic Curve Cryptography. Section II describes 
related works. Section III deals with different phases for providing robust password authentication scheme 
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using ECC. Section IV briefly explains mathematical background of Hyperelliptic Curve Cryptography and 
also explains DNA based password authentication scheme using HECC. Section V deals with results and 
discussion in this context. Finally, it concludes the paper. 

II. Related Works 

Xing Wang applied DNA computing theories for cryptography security which transmits the message securely 
and effectively. This paper shows how cryptography works with DNA computing technique. Here, most 
famous asymmetric key RSA algorithm is used to encrypt the message and decrypt the message to provide 
greater level of security with 1024 bit key size. Major drawback of this algorithm is increased key size tends 
to increased computational complexity [6]. Reference [7] propose a novel DNA based Elliptic Curve 
Cryptography algorithm which provide the same level of security as [6] with lesser key size by employ the 
advantage of ECC. As a result, it gives lesser communication and computation overhead. Guozhen Xiao [8] 
pointed out the biological background of DNA cryptography and principle of DNA computing. This paper 
compares the status, security and application fields of DNA cryptography with traditional cryptography and 
quantum cryptography. Guangzhao Cui [9] provides information about background principle of DNA 
computing, challenges behind DNA computing based cryptology, DNA encryption techniques and 
application of DNA Computing security field. It gives brief introduction about DNA steganography and 
DNA authentication. Wen-Bing Horng [10] offers a secure and efficient user authentication scheme for 
smart card which will improve the level of security of the Peyravian-Zunic scheme. He also reveals the 
weakness of Kwon et al.'s protocol concerning off-line password forgery attack and guessing attack. Xiaoyi- 
Ying [11] proposed a novel key authentication scheme which combines the fuzzy extractor concept 
with Smart Card. This scheme can avoid guessing attack, parallel attack and masquerade attack. Seoul [12] 
uses symmetric key cryptosystem with modular exponentiation to make an efficient authentication scheme 
for non-tamper resistant smart card. He showed that Song's scheme is weak to the offline password guessing 
attack and the insider attack. Nenghai Yu [13] proposed a secure scheme which is very efficient, both in term 
of computational complexity and storage capacity. This scheme is very suitable for providing remote 
authentication in distributed application and also it was developed against password guessing attack, 
masquerade attack and replay attack. Roy prevents the clogging attack by implementing two party identity- 
based authenticated key agreement protocols [14]. 

III. Existing Password Authentication Scheme 

Existing password authentication scheme for smart card consists of five phases: Parameter generation phase, 
registration phase, pre-computation phase, login phase and password changing phase. In parameter 
generation phase, server generates a large prime number, two field elements. With the help of these number 
fields, it will generate a point from order n. Server also selects private key and public key for exchanging a 
data between the users and distributes the generated parameter. In registration phase, user uses the Smart card 
to send identification information to server for authentication purpose. The user receives and stores the 
parameter into the smart card. In Pre-computation phase, smart card generates a random variable and stores 
the calculated values in a card memory for further use. In log-in phase, session key is generated, verified and 
exchanged between user and Smart Card. In password changing phase, user can able to change the password 
frequently with the help of session key which is produced in log-in phase [15]. 

IV. Proposed Dna Based Password Authentication Scheme Using Hyperelliptic Curve 
Cryptography 

Existing scheme needs to enter the password directly which will create insecure environment between smart 
card and server. It exploits the advantages of Elliptic Curve Cryptography for key exchange, encryption and 
decryption process. It require 160 bit key length to provide greater level of security, tends to high 
communication and computational overhead. In order to avoid the above limits, DNA based password 
authentication scheme using Hyperelliptic Curve Cryptography is proposed. This will generate the password 
based on DNA molecule and will authenticate both smart card and server. In order to provide higher level of 
security, password generation phase and authentication phase is added in this proposed scheme. The 
proposed scheme employs the advantages of Hyperelliptic Curve Cryptography to provide same level of 
security with 80-bit key size, and less communication and computational overhead. In 1988, Neal Koblitz 
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proposed an expansion of Elliptic Curve cryptosystem known as Hyperelliptic Curve Cryptosystem. 
Hyperelliptic Curve Cryptosystem was widely used fast public key cryptosystem in many power constrained 
devices with high efficiency and security. HECC was very much famous because of its high efficiency, 
shorter key length, easily implemented for software and hardware applications, less communication and 
computational overhead, less consuming power, less processing time. The security of HECC is based on the 
Hyperelliptic Curve Discrete Logarithmic Problem (HECDLP), (i.e) k e Zp, the computation of K=k x P 
where K is the private key and P is the public key of the user. So, the security of HECC lies on the discrete 
logarithm problem in the Jacobian of the curve [16-20]. These security features and characterize of HECC 
allows to use in less memory and less power smart card device. Hyperelliptic points are generated from the 
curve C which form a Jacobian group and divisor. These two key elements are useful for cryptographic 
scheme which is transformed from Hyperelliptic Curve. Proposed scheme enhances the server performance 
when Smart card content is disclosed. Proposed scheme consists of six phases: Parameter generation phase, 
Password generation phase, Registration phase, Pre-Computation phase, Authentication phase and Password 
changing phase. 

A. Parameter Generation Phase 

The related parameters are generated using Hyperelliptic Curve C for encryption and decryption process. 
From the curve C, private and public keys are generated using contor algorithm. The process involved to 
generate both keys is shown as follows: 

Input : Public parameters are Hyperelliptic curve C, prime p and divisor D. 
Output : Public key Ps and Private key Xs. 
Process : 

Step 1: Server choose a Hyperelliptic curve Equation of genus g (g >2) over F(q) as shown in (1) 

y 2 +h(x).y=f(x) (1) 

where, 

h(x) is a polynomial of degree, g. 

f(x) is monic polynomial of degree 2g+l, which satisfies the equation , 

h(x)'.y = f(x) (2) 

2y + h(x) = (3) 

Step 2 : From the points of Hyperelliptic curve C, server generates a set of elements of Jacobian over J(F q ) 
can be represented in (4), 

D = Zm 1 P 1 (4) 

where 

mi>0 

D - Reduced divisor 
Pi - Finite points 

Step 3: The server generates a point G from order n, satisfies n x G=0. 

Step 4: The server picks a random number X s to be the private key and computes the public key P S =X S x G. 
Step 5: The server issues the parameter (P s , G, D, C, n). 

B. Password Generation Phase 

Each user receives the parameter before joining into the network, which is provided by server. Instead of 
giving password directly, password is mapped with DNA molecule along with the number to provide greater 
level of security which is not known to the eavesdropper who always tries to retrieve the password. Password 
is generated by combining DNA molecules such as Adenine (A), Thymine (T), Guanine (G) and Cytosine(C) 
as shown in Table II. 

Step 1 : Server can map the password message with DNA nucleotide using the Table I. 
Step 2: Convert the DNA nucleotide into number using the Table II. 

Example 

Password : Hyper 

DNA standard : ATG AAA ACA TTT ACT 

Password : 104030 101010 102010 404040 102040 
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Table I. Conversion of plain text to DNA molecule 



A 


-CCA 


K 


- GAA 


U 


- GTC 


B 


- GTT 


L 


- CGT 


V 


-TCC 


C 


- TTG 


M 


-CCT 


W 


-GCC 


D 


- GGT 


N 


- TCT 


X 


-ACT 


E 


- TTT 





- CGG 


Y 


-AAA 


F 


- TCG 


P 


- ACA 


Z 


- TCA 


G 


-CGC 


Q 


-CAA 






H 


- ATG 


R 


-ACT 






I 


- AGT 


S 


- GCA 






J 


- CGA 


T 


- CTT 







Table II. Conversion of nucleotide to number 



A -10 


C -20 


G -30 


T -40 



C. Registration Phase 

The user can use the smart card to send identification information for the server to authenticate as shown in 
Figure. 1 . 

Step 1 : If the smart card wants to register at the server with its own identity (IDi) and password (PWj), user 
has to compute the password as shown in the above example and send it with username to the server over a 
secure channel. Smart card chooses a random number RNi, Identity IDi and calculates Ui value using the 
generated password F(PWj) as shown in (5). 

Ui=h(F(PWi© RNf 1 ). (5) 

Then smart card sends {IDi, h (F(PW) ©RNi,Ui)} to the server. 

Smart Card > Server : { IL\ h(F(PWj) f RN b Ui)} (6) 

Step 2: Server generates a random number Si as secret key and chooses another random number RN 2 and 
calculates U 2 value using Ui and RN 2 . Server also provides the expiry date (EDi) and time stamp (Tsi) for 
each user to check its validity and time period respectively as shown in (8). 

U2=Ui*RN 2 _1 (7) 

Yf= h(EDi,Tsi) (8) 

QrE sl (h(F(PW0 1| RNi) || U 2 1| ID, || CI, || h(IDi || CIj || h(F(PWi) || RNi || h(ED i? T Si )) (9) 

Vrh(ID i5 S b CIO (10) 

Smart Card memory consists of following parameters 

e = r*G (11) 

c = r*P s =r*x*G (12) 

Then, server issues certificate to user i that contain the parameters (IDi,CIi,Qi,Vi,Yi). 
Step 3: User receives these information (IDi,CIi,Qi,Vi,Yi) and stores into the smart card. 

D. Pre- Computation phase 

Smart card chooses a random number r and calculates e=(r*G) and c=(r*P s )=r*x*G. Then (e,c) is stored in 
card memory for use in the authentication phase. 

E. Authentication Phase 

If user i log-in to the server by using his own smart card content and respective password as shown in 
Figure. 2. 

Step 1: Smart card calculates Evi(e) and send Evi(e) and Qi to the server e=(r x G). 

Step 2: Server uses secret key Si to decrypt Q { = (U 2 || IDi || CI; || h(F(PWj) || RNI || h(EDi,Tsi))) and 

calculates, 

Ui=U 2 *RN 2 (13) 
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Yi=h((EDi,Tsi) 
VrHIDj.Yj.l^CIi). 



(14) 
(15) 



F. Mutual Authentication 

The server will verify the parameter comparing with the calculated values 

• Is Cli is stored in the registration table 

• Is IDi in the registration 

• Is Date is expired 

• Is Time Stamp is equal 



SMART CARD 




SERVER 


• Generate the Password F(PWi) 




Receives: 


• Select Random Number RNi 




{ID^htFCPW^RNuUO} 


• Computes : Ui=h(F(PWi 85 RN 


{Wh(F(PW)©RN,,U,)} 




• Sends 


^ Selects Random Number RN 2 _1 






Computes: 






U^U^RN/ 1 






Y i =h(ED 1 ,Ts 1 ) 






Q^EJKFtPWi)! RNO 






! U 2 | ID,! CI,! h(IDi! CI;! h(F(PWi) 






! RN! j hCED.Js,)) 






V^hODi^^CIi) 


Receives : 




Sends: 


Card= (ID^CkQ^Yi) 


(ID^CI^V^) 


(ID.CI.&^YD 





Figure 1. Registration Phase 

If any of the above verification is false then server rejects the agreement. If above verifications are true, then 
the server selects the random number R s and calculates, 

c=e*x=r*x*G (16) 

M s =h(c || R s || V,|| YO (17) 

Server sends (c, M s ) to the smartcard 

Step 3: Smart card calculates and checks M s , then Smart Card send M u to the server. 

M^hCKPW, || RNi) || Ui || c || R s ) (18) 
S k =h(Vi,c,u) (19) 
Step 4: Server checks Mu. If M u is true, calculates session key S k =h (V i? c, u) accepts login request. 
G. Password-Changing Phase 

User T wants to change password. Change the message using session key, can encrypt smart card. Session 
key is produced in authentication phase. Smart card selects a random number RNi* and another new 
password F(PWi)* and sends, Esk (ID i ,h(F(PW i )* || RNi*)) to the server. Server receives the messages. It 
recalculates Qi*, Qi*=Es(h(F(PWi)* || RNi*) || IDi || Cli || h(E>i || Cli || h(F(PWj)* || RNi*))). Sends 
Esk(Qi*) to smart card. Smart card will decrypt Qi* using session key and store in its memory. 

V. Simulation Results And Discussions 

The simulation parameters are processing time and key size: Processing time is the total time taken to finish 
the task (phase) by the personal computer. Key size is the size of the key used for encrypts and decrypt the 
message using HECC. MATLAB software is used to implement the proposed scheme which consists of 
parameter generation phase, password generating phase, registration phase, pre-computation phase, 
authentication phase, and password-changing phase. Simulation results show the variation of processing time 
of each and every phase with respect to the key size. From this result, it is inferred that the number of bits 
involved providing authentication using HECC is less than ECC. Finally, performances of both existing and 
proposed scheme are compared for each and every phase with respect to key size as show in table. 3. 
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SMART CARD 




SERVER 


• Select an Random number 

• Computes : e = r*G, c=r*Ps= 

• Stores : (e,c) 

• Calculates: E V i(e) ,Q i 

• Sends 


:e 

r*x*G 

Evife-j ,0; ^ Receives: E vi( ^ ,0 i 




Select an Random Number :S, 
Decrypt Q ; using S i 

Qi=(U 2 ! IDi| Clij h(F(PW[)| RNj! h(ED i5 TSi))) 






Calculates: 

Ui=U 2 *RN 2 

Y i =h(ED i ,Ts) 

Vi=h(IDi,Yi,Ui,CIi) 


Calculates: 


4 CMs 


Verification : 

If CI i =CI i '& ID^ID^ ED^ED^ & Ts^Ts;' 

Then'User is Valid & Authenticated' 
Select an Random Number : R s 
Calculates :M s =h(cj R s | Vij Yi) 
C=r*x*G 

Sends 


M u =h(h(PWi | RNj) | Uj ! 
S k =h(Vi, c,u) 


c ! R s ) 


If M u is True 
Then S k =h(V i5 c, u) 
Else 

'User is Invalid and Unauthenticated' 



Figure 2. Authentication phase 

Parameter generation phase took more processing time for generating parameters using existing scheme 
(ECC) than proposed scheme (HECC). From the Figure.3, it is inferred that for key size 35 bits, ECC takes 
the processing time of 389 milliseconds whereas HECC takes only 289 milliseconds. Figure.4 shows that the 
total time taken to map DNA molecule with password, and mapping of Nucleotide to number is 270 ms (52 
bit key size). ECC takes the processing time of 320 milliseconds for the same key size. During registration 
process, user receives parameter from the trusted server, and stores it in smart card memory which takes 
processing time of 479ms for ECC, and 343ms for HECC (52 bit key size) as shown in Figure.5. Pre- 
Computation phase generates two parameter e and c which are used for mutual authentication phase take 
250ms (ECC) and 198ms (HECC) for the same key size as shown in Figure.6. Figure.7 shows that total 
processing time taken to authenticate both server and smart card with the help of generated parameter for 52 
bit key size. For the key size 52 bits, ECC takes the processing time of 512 milliseconds, whereas HECC 
takes only 353 milliseconds. User wants to change the password in password changing phase takes only 
275ms for HECC and 510ms for ECC (35 bit key size) as shown in Figure. 8. 




Key Si:&(bds) K*y Size(bits) 

Figure 3. Parameter generation phase Figure 4. Password generating phase 
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Figure 7. Authentication phase Figure 8. Password changing phase 



Table III. Comparison table 



S.No 


Phase 


Existing Scheme 


Proposed Scheme 


Key size(bits) 


Processing time(ms) 


Key size(bits) 


Processing time(ms) 


1 


Parameter Generation 


52 


350 


52 


243 


2 


Password Generating 


52 


320 


52 


270 


3 


Registration 


52 


479 


52 


343 


4 


Pre-computation 


52 


480 


52 


389 


5 


Authentication 


52 


512 


52 


353 


6 


Password-Changing 


52 


620 


52 


398 



VI. Conclusion 

Existing authenticated key agreement scheme fails to save the password from the eavesdroppers whereas 
DNA based password authentication scheme avoids password hacking by mapping original message with 
DNA molecule along with number to improve the level of security. Proposed scheme replaces ECC by 
extended cryptosystem for encryption and decryption of message which consumes less power and less 
processing time suitable for power constrained device. Addition of mutual authentication phase enables to 
check validity and identity of both user and server which avoid denial of service, non-repudiation, data 
integrity and forgery. Password changing phase avoid phishing and hacking of password. 
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